Loading...
/etc/passwd - Contains local user account information.
/etc/security/passwd - Contains encrypted user passwords.
/etc/shadow - If exists, contains shadow passwords.
/etc/group - Contains group information.
/etc/security/group - Contains additional group definitions.
/etc/services - Defines network services and ports.
/etc/inittab - Initialization table.
/etc/hosts - Contains local DNS entries.
/etc/resolv.conf - Contains DNS client configuration.
/etc/exports - NFS export configuration.
/etc/security/user - Contains user-specific security settings.
/etc/sudoers - Contains sudo configuration.
/home/* - User home directories often contain interesting files.
/var/log/audit/audit.log - Audit logs.
/var/log/syslog - System logs.
/var/adm/sulog - Contains log of su command usage.
/var/adm/wtmp and /var/adm/lastlog - Contains login records.
/etc/rc.tcpip - Contains TCP/IP startup script.
/etc/protocols - Contains network protocols definitions.
/etc/rpc - Contains Remote Procedure Call information.
/usr/bin/ - Common binaries.
/usr/sbin/ - System binaries.
/usr/local/bin/ - Locally installed binaries.
/usr/local/sbin/ - Locally installed system binaries.
/opt/ - Optional add-on software.
/proc - Contains process information.
/etc/oslevel - Contains OS level information.
Any .bak, .tar, .zip, .gz, etc. files, especially in directories associated with important services or applications.